<a href="https://colab.research.google.com/github/thedavidneufeld/Projects/blob/main/Primes_and_RSA.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

###LBED 2100 Project
###March 22, 2024
###David Neufeld

# Prime Numbers
In order for a number $n$ to be considred **prime**, it must meet 2 criteria:
*   $n$ is a natural number ($n\in\mathbb{N}$)
*   $n$ is divisible by only 1 and itself ($n$)
 *  There is an "exception" to this. 1 is divisible by 1 and itself, but 1=$n$. So, in reality, 1 is only divisible by one number. Therefore, it is not prime.

For the most part, any natural number which does not meet the second criteria listed here for prime numbers is **composite**. The criteria for a composite number $m$ are:
*   $m\in\mathbb{N}$
*   $m$ is divisble by at least one natural number other than 1 and itself
 *  There is an "exception" to this as well. 0 is divisible by *almost* any number other than itself. Then natural number which 0 is not divisible by is itself (just as **no** number is divisible by 0). Some definitions for composite numbers state that a coomposite number must be divisible by 1, itself, and another natural number. Other definitions just state that the number must be divisible by a natural number other than 1 and itself. Regardless, it is widely accepted that 0 is **not** composite.

Now, lets test some numbers to check if they are prime, composite, or neither. To do this, we will use the Python % operator. This divides a number into integers and returns the remainder. For instance $6/4=1$ with a remainder of 2 since $4*1+2=6$. Thus, we can write $6\%4=2$. The simplest way to use this for checking if a number is prime or composite is to check the remainder of each possible division of that number (other than by 1 and itself). If any remainder is 0, then our number is evenly divisible into a natural number other than 1 and itself, and it is composite. Otherwise, it is prime (unless, of course, our number is 0 or 1).

In [1]:
5%4

1

In [2]:
5%3

2

In [3]:
5%2

1

From the above calculations, we can see that 5 is not evenly divisible by any natural number between 1 and 5. Thus, we can conclude that 5 is prime. However, this process was quite tedious as we have to manually write out the calculations. What if we want to find out if 27 is prime or composite? We would potentially need to check 25 values to determine whether 27 is prime or not. So, here I will introduce a simple algorithm that returns the factors of any integer fed to it. This algorithm is based off of the one found here: https://www.programiz.com/python-programming/examples/factor-number.

In [4]:
# function to obtain the factors of a number x
def get_factors(x):
  # store all factors of x in an array
  factors = []
  # check all natural numbers 1,..., x
  for i in range(1, x+1):
    # if i is a factor of x, add it to the factors array
    if x%i==0:
      factors.append(i)
  # return the array of x's factors
  return factors

Using the function just defined, we can now find the factors of a number and determine for ourselves if it is prime or composite. Let's determine whether 27 is prime or composite.

In [5]:
get_factors(27)

[1, 3, 9, 27]

Let's double check.

In [6]:
3*9

27

It appears that 27 has factors other than 1 and itself, so 27 is **composite**. What about 29?

In [7]:
# try changing the number to see the factors and determine
# whether it is prime or composite
get_factors(29)

[1, 29]

The only factors of 29 are 1 and itself. So, 29 is **prime**.

Now, we don't really need to look at the factors of a number to determine if its prime or not. We can have the algorithm do that for us by changing it slightly. In this new algorithm, we will look at all possible factors of a number, but we won't store them. Instead, we will just see if the number has any factors other than 1 and itself.

In [8]:
# function to determine if a number x is prime
def is_prime(x):
  # 0 and 1 are special cases, if x is 0 or 1
  # then we know it isn't prime
  if x==0 or x==1:
    return False
  # check all natural numbers 2,..., (x-1)
  # to see if they are a factor of x
  for i in range(2, x):
    # if i is a factor of x, then x is not prime
    if x%i==0:
      return False
  # if x has no factors 2,..., (x-1),
  # then x is prime
  return True

Now, let's test this out for our previous tested 27 and 29.

In [9]:
is_prime(27)

False

In [10]:
is_prime(29)

True

What about 143?

In [11]:
# try changing the value to determine
# if other numbers are prime
is_prime(143)

False

What are the factors of 143?

In [12]:
get_factors(143)

[1, 11, 13, 143]

In [13]:
11*13

143

Although this algorithm works, it can take a lot of time when given large numbers. This is especially true if the number really is prime. For instance, let's try to test the number 232,654,931 (our algorithm needs to do 232,654,929 calculations to find out that it is prime).

In [14]:
is_prime(232654931)

True

Though it may seem that we need to check all of these numbers to be sure that our number is prime, we actually don't. Let's look at the factorization of a few numbers.

In [15]:
get_factors(15)

[1, 3, 5, 15]

In [16]:
get_factors(20)

[1, 2, 4, 5, 10, 20]

In [17]:
get_factors(64)

[1, 2, 4, 8, 16, 32, 64]

Notice anything about the factors? Each number has at least one factor which is less than or equal to the square root of that number. For instance:
*   $\sqrt{15}=3.872...\geq3$
*   $\sqrt{20}=4.472...\geq4\geq2$
*   $\sqrt{64}=8\geq8\geq4\geq2$

These are not just carefully chosen examples. That any composite number must have at least one factor less than or equal to its square root is showcased in trial division https://www.khanacademy.org/computing/computer-science/cryptography/comp-number-theory/a/trial-division. Here, I will try to demonstrate intuitively why this is the case.

Let's take a look at the number 16 and manually obtain its factors:
*   Is 16 divisible by 1? Of course! This is trivial. $16/1=16$.
*   Is 16 divisible by 2? Yes. $16/2=8$.
*   Is 16 divisible by 3? No. $16/3=5.33...$.
*   Is 16 divisible by 4? Yes. $16/4=4$.
*   Is 16 divisible by 5? No.

Rather than divide 16 by 5, let's look at the calculation $5*5$. $5*5=25$, which is larger than 16. So, we know that *if* 16 were divisible by 5, the result of $16/5$ would need to be less than 5. If this were the case though, then we would already have that result as one of our listed factors. However, we did not have a case where 16 was divided by a number and resulted in 5. So, we *already knew* that 16 wasn't divisible by 5. All of the factors of 16 can be found by looking at our calculations when dividing by 1, 2, 3, and 4. $16/1=16$, so 1 and 16 are factors of 16. $16/2=8$, so 2 and 8 are factors of 16. $16/4=4$, so 4 is a factors of 16. This means that the factors of 16 are 1, 2, 4, 8, and 16. We can verify this with the code below.

In [18]:
get_factors(16)

[1, 2, 4, 8, 16]

To reiterate, when a number $n$ is factored into 2 numbers $a$ and $b$, where $a\geq b$, the maximum value for $b$ is $\sqrt{n}$. If it were any larger, $a*b$ would be greater than $n$ (and thus, not factors of $n$).

Given this knowledge about the factors of numbers, we can define a new function for determining whether a number is prime or not. This new function will be very similar to the first but will only need to check if the numbers $2,...,\sqrt{n}$ are factors of $n$. If none of these numbers are factors of $n$, then $n$ is prime.

In [19]:
# get the sqrt and floor functions from the math library
from math import sqrt, floor

def is_prime_v2(x):
  # 0 and 1 are special cases, if x is 0 or 1
  # then we know it isn't prime
  if x==0 or x==1:
    return False
  # check all natural numbers 2,..., sqrt(x)
  # to see if they are a factor of x
  for i in range(2, floor(sqrt(x))+1):
    # if i is a factor of x, then x is not prime
    if x%i==0:
      return False
  # if x has no factors 2,..., sqrt(x),
  # then x is prime
  return True

Note that the function above takes the "floor" of the square root. This is because our number is most likely not a perfect square. In this case, we are only interested in the number *before* the decimal, and this is exactly what the floor function gives us. Having made this one small change, our function has just become much more efficient. Let's see how much quicker we can now check if 232,654,931 is prime.

In [20]:
# try changing the value to determine if
# other numbers are prime or not
is_prime_v2(232654931)

True

This calculation is much quicker, but does our function *really* work? Without a mathematical proof, it is difficult to make this claim. However, we can test that it works as expected on some examples.

In [21]:
is_prime(35)

False

In [22]:
is_prime_v2(35)

False

We can do some more checks, but we can just check that the output of both functions is equivalent.

In [23]:
# the output of this will tell us if the functions
# both return the same value
# if they do, then True will be returned
# if they don't, then False will be returned
is_prime(42)==is_prime_v2(42)

True

In [24]:
is_prime(67)==is_prime_v2(67)

True

In [25]:
is_prime(126)==is_prime_v2(126)

True

Again, this is by no means a hard proof of the concept, but rather, a few small examples that is working like it should. This will conclude the section on prime numbers and factoring. More efficient algorithms for checking primality exist, but those will not be covered here. We will now move on to a practical application of prime numbers.

# RSA Encryption
At some point, one must ask the question, "what's so special about prime numbers"? This is a valid question. Mathematically, there are many aspects of prime numbers that make them "special". Still, is there any *practical* use for them? Well, actually, yes! In computer science, prime numbers are very important. Encryption algorithms, like RSA (which we will discuss soon), rely on prime numbers to keep information private. Without encryption, your passwords, messages, bank account info, and anything else you have that is accessed over the internet could easily be seen by anyone. Seeing how valuable this is, let's look at the RSA algorithm to see how prime numbers can keep your information safe.

The information regarding RSA encryption discussed here is based off of the explanation found at https://brilliant.org/wiki/rsa-encryption/. Suppose you wish to send a message to your friend, but there is a possibility that someone who shouldn't read it could (perhaps you are sending the message by paper airplane and they snatch it out of the air?). If you send this message as is, then anyone who gets their hands on it will be able to read it. You need a secret code. How do you set it up though? First, your friend needs to create a code that is made up of 2 parts. There is the public code that anyone can see, and there is the private code that only your friend can see. Your friend sends you this public code (and also keeps a copy of it for themself). When you get this code, you can use it to encode your message and send it back to your friend. With your message encoded, it doesn't matter it someone else sees it. In fact, it doesn't even matter if they see the public code. When your friend gets the message, they can use their private code to decode it. In this way, they are the only person who knows what you wrote.

This is essentially what occurs when RSA encryption is used. However, the "codes" are actually referred to as keys. So, how do we create them? Let's start with the public key. To create the public key, we need:
*   2 prime numbers, $p$ and $q$. They are supposed to be large (often larger than $2^{256}$). However, in the examples we will use smaller numbers for $p$ and $q$.
*   $p$ and $q$ are used to calculate $n=p*q$.
*   A value $\phi(pq)=(p-1)(q-1)$ is calculated, and a number $e$ that is relatively prime to $\phi(pq)$ is chosen.
 *  For 2 numbers to be "relatively prime", the GCD of the 2 numbers must be 1.

From these values, $n$ and $e$ are the public key and are visible to anyone. What about the private key? How do we get that? We already have all of the components needed. Using $e$ and $\phi(pq)$, we can calculate a value $d$. This will be the private key. Before calculating $d$, let's cover a few concepts:
*   As discussed previously, the % operator gives us the remainder of a division. This operator is known as the **modular** operator. In mathematical notation, we would write something like 12%5=2 as $5\equiv2(mod 12)$. This means that the number 5 is equivalent to taking 2 (mod 12) (as 2%12=2). Given this knowledge, we can find something known as the **modular inverse**.
*   If we have some value $a (mod n)$, then the modular inverse of this is $x$ where $a*x\equiv 1 (mod n)$ https://www.khanacademy.org/computing/computer-science/cryptography/modarithmetic/a/modular-inverses. This modular inverse will be our value $d$.

With the knowledge of what we are calculating, we can now obtain $d$. The equation for this calculation is $de\equiv1(mod\phi(pq))$. Since $\phi(pq)$ is not known to the public, $d$ is secure. Below is a simple algorithm that can compute a modular inverse for us. It should be noted that this works as expected due to the nature of the numbers used for the algorithm, particularly the fact that $e$ is relatively prime to $\phi(pq)$.

In [26]:
# function to calculate the modular inverse of
# a (mod n)
def mod_inverse(a, n):
  # check each value in range 1 to n-1
  # to see if it is the modular inverse
  for i in range(1, n):
    # if this equation is satisfied, i is
    # the modular inverse and should be returned
    if (a*i)%n == 1:
      return i

With our new function, let's try finding a modular inverse!

In [27]:
# 3 and 7 are both prime, so a modular inverse
# should exist (and there should be only 1)
#
# try changing the values to see if a modular inverse
# exists (and what it is)
# NOTE: since this function assumes the numbers are
# relatively prime, some combinations of numbers could
# have more than one modular inverse, but only the first
# one found will be returned
mod_inverse(3, 7)

5

Let's verify.

In [28]:
5*3%7

1

$5*3\equiv1(mod7)$, so our function returned the correct answer! We could produce a more efficient function for this calculation, but for our purposes, the efficiency of the algorithm will not be an issue.

We now have the information necessary to develop a simple algorithm for creating public and private RSA keys. Since this algorithm is being used for demonstrative purposes, it will not use large numbers. The values $p$ and $q$ will be randomly chosen from a list of primes between 11 and 97. The value for $e$ will be 101 as it must be relatively prime to $\phi(pq)$ since $p$ and $q$ are both smaller than 101 and 101 is prime. This algorithm is by no means secure, but it will demonstrate the basic concept of RSA encryption.

In [29]:
# import random library for random selection of primes
import random
def RSA_keys():
  # list of prime options for p and q
  primes = [11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61,
            67, 71, 73, 79, 83, 89, 97]
  # choose a random prime for p
  p = random.choice(primes)
  # remove this choice from primes so p won't be equal to q
  primes.remove(p)
  # choose a random prime for q
  q = random.choice(primes)
  # set e to 101
  e = 101
  # calculate n
  n = p*q
  # store n and e in the public key array
  public_key = [n, e]
  # calculate (p-1)(q-1)
  m = (p-1)*(q-1)
  # get the modular inverse of e (mod m) and save it as d (the private key)
  d = mod_inverse(e, m)
  # return the public and private keys
  return public_key, d

We'll give the algorithm a quick test.

In [30]:
RSA_keys()

([3071, 101], 2309)

Now that we know the key generation works, we can move on to discussing how the send an encrypted message (and how to decrypt it). For our purposes, we will assume that the message will only contain upper and lower case letters. This is a problem though. If we are using numbers to encrypt and decrypt messages, then how can we send messages with letters? The answer: ASCII encoding. All letters are already encoded as numbers in computer systems where A=65, B=66,..., Z=90,..., a=97, b=98,..., and z=122. By dealing with our letters in their ASCII encoding, we can use RSA to encrypt our messages.

Now, to send a message we need to use the public key ($n$ and $e$) which has been provided to us. First, we need to know how much of the message can be sent at a time. Since $n$ can be as small as $11*13=143$, our message, which we will call $m$, must be sent one letter at a time. The reason behind this is that $m< n$ must be true. Our chosen ASCII values can be as high as 127, so a single letter will always be less than $n$ in our message. So, now that we know the limitations, let's find out how to encrypt our message.
*   Given our message (letter) $m$, we need to raise its ASCII value to the power of $e$. We then use the modular operator with the value $n$ to get our encrypted value. Thus, we have an equation $c\equiv m^e(mod n)$ where $c$ is our encrypted value. This is what we will send as our message.
 *  As an example, suppose we wish to send the letter 'a'. We take the ASCII code for a, which is 97. Our value for $e$ is 101, $p=11$, $q=13$, and our value for $n$ is 143. We then calculate $m^e=97^{101}\equiv 119(mod 143)$. Thus, our encrypted letter is 119. This encrypted message could potentially be seen by anyone.

With the ability to encrypt the message, let's now look at how to decrypt it. This requires the use of the private key ($d$). The decryption is as follows:
*   We raise our encrypted message $c$ to the power of $d$. With this, we can then calculate $m\equiv c(mod n)$. This $m$ is the same value that was encrypted before, so we have decrypted the message and gotten the original message!
 *  In the encryption example, we got a value $c=119$. We had values of $e=101$, $p=11$, $q=13$, and $n=143$. Using this information, we can compute $d$. Remembering that $de\equiv1(mod\phi(pq))$, we can find $d=101$. So, $101*101=10201\equiv1(mod120)$. We can now use $d=101$ to decrypt our message: $c^d=119^{101}\equiv 97(mod143)$. This is exactly the message we had encrypted, so we have obtained the original message! It should be noted that in this example $d$ and $e$ were the same value. This is, of course, not very secure. However, this is not typically the case, especially when dealing with larger values for $p$, $q$, and $e$.

Now that we know how to encrypt and decrypt messages, lets look at functions which do this for us.

In [31]:
# a function, which, given a message m, and
# a public key n and e, encrypts the message
def encrypt(m, n, e):
  # return the result of m^e (mod n)
  return m**e%n

# a function, which, given an encrypted message c,
# a public key n, and a private key d,
# decrypts the message
def decrypt(c, n, d):
  # return the result of c^d (mod n)
  return c**d%n

Let's test this using our example from before.

In [32]:
# try changing m to different values
# between 65 and 122 to test out the functions
m = 97
n = 143
e = 101
secret_message = encrypt(m, n, e)
secret_message

119

In [33]:
d = 101
decrypt(secret_message, n, d)

97

Building upon the functions that we've already created, let's look at creating new functions for encryption and decryption that allow us to work with whole messages instead of single letters.

In [34]:
# function that, given a message m of any length consisting of letters
# and the public key n and e, encrypts the message m
def encrypt_messsage(m, n, e):
  # seperate m into its characters
  msg = list(m)
  # encrypt each letter in ASCII separately
  for i in range(len(msg)):
    # encrypt the ASCII encoding of each letter
    # ord() converts a character into ASCII
    msg[i] = encrypt(ord(msg[i]), n, e)
  # return the encrypted message
  return msg

# function that, given an encrypted message c of any length, a public key n,
# and a private key d, decrypts the message
def decrypt_message(c, n, d):
  # create new array for decrypted message
  c2 = []
  # decrypt each part of the message
  for i in range(len(c)):
    # decrypt each number, then convert back into a letter
    # chr() converts an ASCII encoding into a character
    c2.append(chr(decrypt(c[i], n, d)))
  # convert message back into a string from list
  msg = ''.join(str(x) for x in c2)
  # return the decrypted message
  return msg

Now we can test these functions out using our previously defined values for n, e, and d.

In [35]:
m = 'Hello World'
n = 143
e = 101
secret_message = encrypt_messsage(m, n, e)
secret_message

[50, 134, 75, 75, 89, 54, 120, 89, 4, 75, 133]

In [36]:
d = 101
decrypt_message(secret_message, n, d)

'Hello World'

It works! We have just successfully encrypted and decrypted a message. Now we can use our function for creating RSA keys to try encrypting with different values of n, e, and d.

In [37]:
# generate new keys
pub_keys, d = RSA_keys()
n = pub_keys[0]
e = pub_keys[1]
# display new keys
print(f"n:{n}\ne:{e}\nd:{d}")

n:2537
e:101
d:1013


In [38]:
# try changing the value of m and rerunning these cells
m = 'secret message'
secret_message = encrypt_messsage(m, n, e)
secret_message

[220, 40, 1572, 89, 40, 277, 2453, 1691, 40, 220, 220, 2148, 238, 40]

In [39]:
# try replacing d with another number and see what is returned
decrypt_message(secret_message, n, d)

'secret message'

That's the RSA encryption algorithm! Well, it's a basic implementation of it. We can break this quite easily for 2 reasons. First, small numbers were used for $p$ and $q$. This means that we can easily factor $n$ and find $p$ and $q$. The combination of knowing $p$, $q$ and $e$ means that we can easily find $d$ and decrypt the message. The second reason our implementation is so easy to break is that only one letter is encrypted at a time. This also has to do with the size of $p$ and $q$, but only needing to guess one letter means its pretty easy to keep encrypting letters until you've found the encryption values for all characters. We will next look at exploiting both of these vulnerabilities to demonstrate the importance of using big $p$ and $q$ values. We can start with factoring $n$.

In [40]:
# given an encrypted message, n, and e, we will decrypt the message
encrypted_msg = [69, 161, 148, 2, 49, 224]
n = 323
e = 101
# factor n to find p and q
n_factors = get_factors(n)
# there will be 4 factors, p and q are the second and third
p = n_factors[1]
q = n_factors[2]
# now that we know the factors, calculate d
d = mod_inverse(e, (p-1)*(q-1))
# we now have the private key
# extract information from message
decrypt_message(encrypted_msg, n, d)

'got ya'

That's all there is to it. If we can factor $n$, then we can calculate $d$. Thus, it's important that $p$ and $q$ be large so that it becomes more difficult to factor $n$. Next, we will look at decrypting the message by brute force. In this case, brute force means calculating the encryption of letters until we have found which letter the encrypted value is associated with.

In [41]:
# store decrypted values in a list
decrypted_msg = []
# for each value in the encrypted message, calculate the encrypion of different
# letters until they match the encrypted message
#
# even though our letters are only in the range 65-122, some characters,
# like space, are outside that range
# there are 128 basic ASCII encodings
for j in encrypted_msg:
  for i in range(128):
    # if the encryption of the ASCII code i matches the encrypted number j,
    # then save this value to the list as a character
    if encrypt(i, n, e) == j:
      decrypted_msg.append(chr(i))
# convert list to string
''.join(str(x) for x in decrypted_msg)

'got ya'

Just like that, we have decrypted the message without even needing the public key! This process would become much more difficult if the message was allowed to be many characters long. This adds security by removing our knowledge of how the characters are combined and how many characters there are. Thus, such a brute force attack as shown above becomes much harder to perform.


So, now we know that we need large $p$ and $q$ values for security. However, why do they need to be prime? Can't we just use 2 random numbers $p$ and $q$? Finding an answer to this is difficult. It cannot be definitely stated here that they cannot be prime, but the algorithm is designed in such a way that assumes they are. The main advantage which this provides is that $n$ will only have 2 factors other than 1 and itself. If we begin to factor $n$ and realize that 24 is a factor, then we also determine that 2, 3, 4, 6, 8, and 12 are factors. This means that we have more candidates for $p$ and $q$, but knowing more factors gives us the ability to find other factors. Thus, we could potentially find the factors $p$ and $q$ more quickly. However, this is just a hypothesis. Regardless, prime numbers have been able to make encryption possible.

This brings an end to this discussion on prime numbers and their use. Hopefully you have been able to obtain a better understanding of primes and how they are used in real world applications